Swarming computer security: an experiment in policy distribution

Despite all the resources invested in research in computer security, researchers and users alike frequently hear reports of security breaches: in many ways, it looks like researchers are loosing the battle against attackers. Furthermore, current trends tend to show that if novel approaches to security problems are not explored, things are likely to get worse, not better. A possible approach that may give security experts the upper hand requires them to examine the fundamental causes of security problems. Is it possible that our security woes exist primarily due to an antiquated approach to solving the problem? In this paper, we argue that the answer is yes: one of the fundamental weaknesses of our collective approach is the static nature of most security systems. We then suggest the use of countermeasures based on a more dynamic approach a la swarm. We concentrate here on the very important issue of security policy updates and show simulation results which demonstrate the promise of our approach.